ACCT341, Chapter 9, Ref. 9b
Assignment 9b
1. Why do you think the following situations are considered red flags for employee fraud:
(A) Employee wants time to rewrite records for neatness?
(B) Employee says he unexpectedly received an inheritance from a rich relative?
(C) Employee has been skipping vacations?
(D) Employee regularly turns down promotions?
2. Read the article below entitled “Enemies Within” by Joseph Wells. Answer the following
questions:
(A) What percent of American workers is estimated to steal on the job?
(B) What portion of asset misappropriation involves cash? Why?
(C) What are three ways that cash can be embezzled?
(D) Define skimming and give three examples.
(E) Why is larceny not one of the favorite methods for embezzlement?
(F) What are five forms of fraudulent disbursement?
(G) Briefly summarize three examples of fraudulent disbursement.
(H) What method did Kay Lemon use to cover her tracks?
(I) What are three internal controls that could have prevented Lemon’s fraud?
3. Read the article below entitled “Small Business, Big Losses” by Joseph Wells. Answer the
following questions:
(A) Why are small businesses the most vulnerable to fraud?
(B) Why is determining the true cost of fraud very difficult?
(C) What percent of revenue is estimated to be lost because of occupational fraud?
(D) When comparing asset mis-appropriation with financial statement fraud, what is the
relationship between frequency and severity?
(E) Which of the forms of cash fraud is the most common?
(F) Which of the forms of fraudulent disbursement is most common?
(G) In light of the most common initial detection method, what does the Sarbanes-Oxley Act
(SarbOx or SOX) require?
(H) What data support the effectiveness of anonymous hotlines?
(I) What relationship is there between the size of a fraud and the perpetrator’s position in the
company?
(J) Why are frauds committed by owner/executives more likely detected through a tip than
caught through internal controls?
4. Read the article below entitled “The Case of the Pilfering Purchasing Manager”. Answer the
following questions:
(A) How did Bruce get started down the fraud road?
(B) List the red flags in the Kickback Checklist that you think apply in Bruce’s case.
(C) The three conditions for a fraud to take place are known as the fraud triangle. The three
conditions are: an incentive or pressure to commit fraud, the opportunity to commit fraud
(because of weaknesses in controls, etc.), and the ability to rationalize the fraud.
(1) What incentives did Bruce have to commit fraud?
(2) What internal control deficiencies allowed Bruce the opportunity to commit fraud?
(3) How could he have rationalized it?
(D) In the end, what happened to Bruce and the vendor?
Journal of Accountancy, December, 2001
Asset misappropriation comes in many forms.
Enemies Within
BY JOSEPH T. WELLS
ometimes, the truth isn’t very pretty. Consider, for example, the American workforce.
Although regarded by many as the finest in the world, it has a dark side. According to
estimates, a third of American workers have stolen on the job. Many of these thefts are
immaterial to the financial statements, but not all are—especially to small businesses.
Regardless of the amounts, CPAs are being asked to play an increasingly important role in helping
organizations prevent and detect internal fraud and theft. Responding to these demands requires the
auditor to have a thorough understanding of asset misappropriation. CPAs with unaudited clients can
provide additional services by suggesting a periodic examination of the cash account only.
Although “internal theft” and “employee fraud” are commonly used, a more encompassing term is
“asset misappropriation.” For our purposes, asset misappropriation means more than theft or
embezzlement. An employee who wrongly uses company equipment (for example, computers and
software) for his or her own personal benefit has not stolen the property, but has misappropriated it.
Employees—from executives to rank-and-file workers—can be very imaginative in the ways they scam
their companies. But in a study of 2,608 cases of occupational fraud and abuse, we learned that asset
misappropriation can be subdivided into specific types; the most prevalent are skimming and fraudulent
disbursements.
THE FRAUD TREE
Over the years, the asset misappropriation chart has become known as the “fraud tree” for its numerous
branches. The tree’s trunk consists of two major asset types: cash, and inventory and all other assets.
Crooked employees clearly favor misappropriating the former—nearly nine in 10 illegal schemes in the
study involved the cash account.
The reasons should not be surprising: Cash is fungible, has a specific value and is easily transported.
Inventory—except for consumer goods—has limited usefulness to a thief; an employee in a ball
bearing plant can have a hard time converting the loot into cash. And of course, many business
enterprises don’t have a physical inventory at all.
Source: “Report to the Nation,” 1996. Institute of Certified Fraud Examiners. See the
full report at www.cfenet.com.
THE BRANCHES
On the branches of the fraud tree are three main ways to embezzle cash: skimming, larceny and
fraudulent disbursements. Skimming can be described as the removal of cash prior to its entry into the
accounting system. Here are some examples:
The manager of a movie theater skimmed $30,000. During the theater’s slow times, when he thought
he was not being observed, the manager would print a viewer’s ticket but keep it for himself and allow
the customer to enter the movie without a ticket. Then during busy times, he would resell the tickets he
had withheld and pocket the cash. The manager was caught by an alert employee who happened to pass
by and saw what he was doing.
In a legendary story, the manager of a retail store with six cash registers brought in his own register
and set it up in an empty checkout lane. All sales going through the seventh register went directly to the
manager! Although you would think someone would notice, this scheme reputedly went undetected
until a physical count showed huge inventory shortages.
A government mail-room employee skimmed more than $2 million in taxpayer refund checks that
had been returned by the post office for bad addresses. The employee, with the help of several outside
accomplices, was able to deposit the stolen checks into various banks and withdraw the proceeds. The
scheme was uncovered when a taxpayer called about an overdue refund and found out that his check
had already been cashed.
Larceny is the removal of cash from the organization after it has been entered into the accounting
records. Most of these schemes are detected through bank reconciliations and cash counts. Larceny is
therefore not one of employees’ favorite illicit methods; it accounted for only 3% of the cases in the
study and 1% of the losses. Here are some examples of cash larceny:
A bookkeeping employee, responsible for posting accounts receivable in a small business, stole some
of the cash payments but nonetheless posted the transaction to the company’s accounts-receivable
detail. Within months, the theft had risen to more than $200,000, seriously depleting the business’s
cash. When a bank reconciliation revealed a major discrepancy between the accounts-receivable detail
and cash, the scheme was uncovered.
An employee in charge of taking the company’s money to the bank would regularly remove currency,
then alter the company’s deposit slip to reflect the lower deposit amount. The worker, obviously not an
accounting genius, didn’t realize the discrepancy would be discovered when sales and cash were
reconciled.
Additional research of 732 fraudulent disbursement cases showed they can be subdivided into at least
six specific types: check tampering, false register disbursements, billing schemes, payroll schemes,
expense reimbursement schemes and other fraudulent disbursements. Following are a few common
examples:
A purchasing agent for a major corporation set up a vendor file in his wife’s maiden name, then went
on to approve more than $1 million in company payments to her. The supporting documentation
consisted of the wife’s invoices for “consulting services” that were never rendered. A clerk in the
purchasing department, suspicious of the agent’s recent purchase of a new boat and car, caught on to
the scheme and turned him in.
The CEO of a small nonprofit agency stole $35,000 from its coffers by submitting “check requests”
to the accounting department. The checks were made payable to outside bank accounts the CEO
controlled. The accounting personnel, fearful of angering the boss, made out the checks and delivered
them to him. One accounting clerk finally had enough and alerted the outside auditors, who confirmed
the disbursements were not legitimate.
A worker for one company submitted an expense reimbursement for a trip he supposedly took for
business purposes. Actually, he took his girlfriend to a bicycle rally and attempted to charge the
expense to the company. One problem: On his itinerary, the worker listed the independent auditor who
was examining his expense reimbursement as his traveling companion—not a smart move.
Employees who set up dummy companies for fraudulent disbursements often give clues to their
activities. They will use their own initials for the company name, rent a post office box or mail drop to
receive checks, or use a dummy company name and their own home address.
CASE STUDY: TOO TEMPTING, TOO EASY
Regardless of the method or the asset involved, all asset misappropriation has the same effect on the
books of account. Take the following actual case as an example:
Kay Lemon, a seemingly prim-and-proper grandmother, stole $416,000 from a small Nebraska lighting
store where she had been employed for 20 years as a bookkeeper. Lemon spent three years in the
Nebraska Women’s Correctional Institute after confessing that she’d been hitting the books for eight
years and had blown all the loot on herself and her family.
Lemon’s crime is typical of the risk to small business: The lighting store’s CPA prepared only the
company’s tax returns, so the business was not audited. Lemon also acted as the store’s “accounting
department.” She made deposits, signed checks and reconciled the store’s bank account. Although any
entry-level accountant could recognize this situation as an accident waiting to happen, the store’s owner
did not.
After 12 years of unrelenting temptation, Lemon finally gave in. Thereafter, for years, she
systematically stole money from the lighting store using the same method. She would make out a
company check to herself (in her own true name), sign it and deposit the proceeds in her personal
checking account.
To cover the theft, Lemon would do three simple things: First, she’d enter “void” on the check stub
when she wrote the check to herself. Next, she would add the amount of the theft to the check stub
when she paid for inventory. For example, if she took $5,000 and was paying a vendor $10,000, she
would show $15,000 on the vendor’s check stub. That way, the cash account would always stay in
balance. Finally, when the checks paid to Lemon were returned in the bank statement, she would tear
them up and throw them in the trash.
In looking at Lemon’s inelegant scheme from an accounting perspective, one can see that she had her
choice of three techniques to cover her tracks: false debits, omitted credits or forced balances.
Early Warning Signs of Cash
Misappropriation
The three principle methods employees use to
misappropriate cash can show up early in an
organization’s books. CPAs should be alert to
simple trends when determining a company’s risk of
material embezzlement. Consider one or more of the
following:
Skimming
Decreasing cash to total current assets.
A decreasing ratio of cash to credit card sales.
Flat or declining sales with increasing cost of
sales.
Increasing accounts receivable compared with
cash.
Delayed posting of accounts-receivable payments.
Larceny
Unexplained cash discrepancies.
Altered or forged deposit slips.
Customer billing and payment complaints.
Rising “in transit” deposits during bank
reconciliations.
Fraudulent Disbursements
Increasing “soft” expenses (for example,
consulting or advertising).
Employee home address matches a vendor’s
address.
Vendor address is a post office box or mail drop.
Vendor name consists of initials or vague business
purpose. (Employees often use their own initials
when setting up dummy companies; for example,
“JTW Enterprises”).
Excessive voided, missing or destroyed checks.
FALSE DEBITS
Lemon chose the most logical (and common) method for covering a cash embezzlement: the false
debit. When Lemon credited the bank account for the checks she made out to herself, the corresponding
debit was false. Still, from the standpoint of the accounting equation, the books were in balance.
Lemon and other embezzlers have two choices concerning the false debit: The transaction can be
allocated to an asset account or an expense account. In Lemon’s case, she added her thefts to the
inventory account--an asset. As we CPAs know, that false debit will stay on the books until some
action is taken to remove it. In this situation, the lighting store’s inventory was overstated by $416,000
over eight years, as the store never performed a physical count of its inventory. As a result, when
Lemon’s crime came to light, a huge writeoff was necessary, almost bankrupting the store.
A less obvious move would have been for Lemon to charge the false debit to an expense account,
which is written off every year. It doesn’t matter what the expense is, although these are some favorites:
advertising, legal expense, consulting fees and other “soft expenses.” Here, the expense for fraud gets
written off annually. If the fraud perpetrator can conceal the fraud long enough for the account to be
closed to profit and loss, he or she has gone a long way toward avoiding detection—at least on a current
basis.
OMITTED CREDITS
To understand how omitted credits affect the books, imagine Lemon had taken a different tack. Instead
of writing checks to herself, she would instead intercept incoming cash receipts before they were
posted. Presume further that Lemon would negotiate the checks by forging the endorsement of the
lighting store, then endorsing her own name on the checks, subsequently depositing them in her
checking account.
The net effect would have been that Lemon stole the debit (the cash) and omitted the credit (sales or
accounts receivable); in short, she skimmed the money. This is known as an “off-book fraud,” as
evidenced by the omission of the transaction from the accounting records altogether. If Lemon had
skimmed from sales, there would be only indirect proof of her crime through falling revenue and/or
rising costs. But if she had skimmed from accounts receivable, she would need to create a fictitious
entry to credit the customers’ accounts; otherwise, the books would be out of balance.
FORCED BALANCES
Another technique to conceal asset misappropriation is not the best choice. Lemon could have
attempted to force the balance of the bank accounts and inventory to cover herself. In that situation, she
would have forced the bank reconciliation to equal the amount she was stealing by purposely
misadding the transactions. But that technique requires constant attention. Unless the company has lots
of cash, forcing the bank balance will eventually result in bounced checks. A simple proof of cash
that’s routinely done in an audit will usually catch this scheme.
That’s not what happened to Lemon, though. She had a nervous breakdown because of the pressure
from all those years of stealing and covering it up; she came forward and confessed. Her embezzlement
points out one real benefit of an audit in a small business: Almost any degree of independent review by
a CPA would have uncovered what Lemon was doing.
Embezzlements can be uncovered, but more importantly, people like Lemon will be much less likely to
steal knowing a CPA will be scrutinizing their activities.
JOSEPH T. WELLS, CPA, CFE, is founder and chairman of the Association of Certified Fraud
Examiners, Austin, Texas. Mr. Wells’ article “So That’s Why They Call It a Pyramid Scheme” (JofA
Oct.00, page 91) has won the Lawler Award for best article in the JofA in 2000. His e-mail address is
joe@cfenet.com
Journal of Accountancy, December 2004
Audits and hotlines stack up as the best crime busters in a new ACFE study.
Small Business,
Big Losses
BY JOSEPH T. WELLS
ccupational fraud has become—at least so far—the crime of the 21st century. It is
a widespread phenomenon that affects practically every organization. The frauds in the
2004 Report to the Nation on Occupational Fraud and Abuse, from the Association of
Certified Fraud Examiners, caused over $761 million in total losses, with a
disproportionate percentage committed against small businesses—almost half of the
frauds in the study took place in businesses with fewer than 100 employees. Not
surprisingly such businesses are less likely to be audited or employ antifraud measures
than the larger ones.
The 2004 Report to the Nation on Occupational Fraud and
Abuse, from the Association of Certified Fraud Examiners, can be
downloaded at www.cfenet.com.
Several broad conclusions can be drawn from the 2004 report. First, though the losses have been
stable over the years, the fact that in one year alone they are approaching $660 billion is cause for
concern. Dishonest executives and employees are plying essentially the same schemes with the
same results. Second, although large financial statement frauds receive the most attention, they are
relatively uncommon compared to asset misappropriations and corruption. Third, small businesses
remain the most vulnerable to occupational fraud because of three factors: They are the least likely
to have an audit, a hotline or adequate internal controls. Fourth, audits—both internal and
external—although excellent prevention devices are not the most effective means of detecting
frauds. Fifth, hotlines and other reporting mechanisms are a vital part of any organization’s
prevention efforts but should go beyond employees to vendors and customers, too. Finally,
occupational fraud cannot be eliminated but organizations that use both hotlines and auditors can
greatly reduce these costly crimes.
Occupational fraud schemes can be as simple as pilferage of company supplies or as complex as
sophisticated financial statement frauds. This article summarizes some of the key findings of
certified fraud examiners (CFEs) in cases they investigated. Internal and external auditors and
CPAs advising small business clients will learn of the most effective antifraud measures.
MEASURING THE COST OF FRAUD
Determining the true cost of occupational fraud is an impossible task. Because fraud is a crime
based on concealment, organizations often do not know when they are being victimized. Many
frauds never are detected or are caught only after they have gone on for several years. Many of
those are never reported or prosecuted. In fact, there is no agency or organization that is
specifically charged with gathering comprehensive fraud-related information. All of these factors
combine to make any estimate of the total cost of occupational fraud just that—an estimate.
The study asked CFEs to give their best estimate of the percentage of revenues a typical
organization in the United States loses in a year as a result of occupational fraud. The median
response was 6%, the same result obtained from previous studies. This is a staggering figure. If
multiplied by the U.S. gross domestic product, which for 2004 will total over $11 trillion, it would
translate into $660 billion in annual fraud losses (see exhibit 1).
Exhibit 1: Total Occupational Fraud
Losses
VICTIMIZED ORGANIZATIONS
The victims of occupational fraud are the organizations that employ the fraud perpetrators and
suffer losses as a result of these crimes. Exhibit 2 shows the distribution of frauds in the ACFE
survey, based on the type of organization that was victimized.
Exhibit 2: Type of Organization Victimized
Approximately 46% of the occupational frauds in our study were committed in small businesses
(defined as organizations with fewer than 100 employees). The impact of occupational fraud on
small businesses was much greater than on larger companies (see exhibit 3). Part of the reason for
the larger losses is that small businesses are the least likely to be audited. As noted in the 2002
report, the audit appears to be a powerful deterrent to occupational fraud.
Exhibit 3: Median Loss Based on Size of Organization
HOW OCCUPATIONAL FRAUD IS COMMITTED
A major goal of the study was to gain a better understanding of how fraud is committed and the
types of schemes that tend to produce the largest losses. We classified each fraud according to the
methods used by the perpetrator. Breaking down occupational frauds into distinct categories also
helps CPAs better understand the common characteristics, which in turn assists in the development
of better antifraud tools.
There are three major categories of occupational fraud to consider:
Asset misappropriations. These schemes involve the theft or misuse of an organization’s assets by
such means as skimming revenues, stealing inventory or committing payroll fraud.
Corruption. Fraudsters wrongfully use their influence in business transactions to procure some
benefit for themselves or another person. One of the most common is accepting kickbacks or
engaging in conflicts of interest.
Fraudulent financial statements. These generally involve falsification of an organization’s
financial statements by overstating revenues or understating liabilities or expenses.
Exhibit 4: Methods of Fraud—All Occupational Frauds
Note: The percentages exceed 100% due to multiple schemes in more than
one category.
While asset misappropriations were by far the most common of the three categories, occurring in
over 90% of the cases, they also had the lowest median loss, at $93,000. Conversely, fraudulent
financial statements were the least common (7.9%) but had the highest median loss at $1,000,000.
(See exhibit 4 and exhibit 5.)
Exhibit 5: Breakdown of Asset
Misappropriations
Note: The percentages exceed 100% due to multiple
schemes in more than one category.
CASH MISAPPROPRIATIONS
Of the cases in the study, 87% involved some form of cash misappropriation. Cash frauds fall into
one of three categories:
Fraudulent disbursements. A perpetrator causes his organization to disburse funds through some
trick or device, such as submitting false invoices or forging company checks.
Skimming. Cash is stolen from an organization before it is recorded on the organization’s books
and records.
Cash larceny. Cash is stolen from an organization after it has been recorded on the organization’s
books and records.
Approximately three-fourths of the cash frauds in the study involved some form of fraudulent
disbursement, making this the most common category by far. Schemes that involved a fraudulent
disbursement also had the highest median loss, at $125,000. (See exhibit 6.)
Exhibit 6: Breakdown of Cash
Misappropriations
Note: The percentages exceed 100% due to multiple
schemes in more than one category.
FRAUDULENT DISBURSEMENTS
Just over half of the fraudulent disbursement cases in our study involved billing fraud, making this
the most common type. Among these cases the highest median loss occurred in schemes involving
check tampering. (See exhibit 7.) The schemes included the following:
Exhibit 7: Breakdown of Fraudulent
Disbursements
Note: The percentages exceed 100% due to multiple schemes
in more than one category.
Billing. A fraudster causes the victimized organization to issue a payment by submitting invoices
for fictitious goods or services, inflated invoices, or invoices for personal purchases. Example:
When a secretary for a public company interceded on behalf of an unpaid legitimate supplier and
the accounts-payable department could not locate the original invoice, it nonetheless agreed to pay
the vendor based on a fax copy. Seizing on this basic internal control deficiency, the secretary and
two nonemployee accomplices set up three phony companies, submitting fax copies of doctored
original invoices for “consulting fees.” The fraud was discovered when a manager questioned a
huge variation in the budget—but not until four years and $1.7 million later.
Payroll. An employee causes the victim organization to issue a payment by making false claims
for compensation. Example: A controller for a small nonprofit organization, believing she should
be earning twice her salary, added a “ghost” employee to the payroll. Since she managed both the
bank accounts and the books—a serious internal control deficiency—that was easy enough to do.
Every pay period, she wrote a paycheck to the nonexistent ghost, but thanks to the company’s
direct payroll deposit policy, the money actually went straight to her bank account. The bank
evidently never noticed the discrepancy. During a surprise audit of the payroll account, the
controller mysteriously left town. It didn’t take the auditors long to figure out why when they
matched the direct deposits and uncovered the scheme, which had cost the nonprofit $208,000 over
three years.
Expense reimbursements. An employee enters a claim for reimbursement of fictitious or inflated
business expenses.
Check tampering. The perpetrator converts an organization’s funds by forging, altering or stealing
a check. Example: The administrative assistant to a CEO of a privately held company knew her
boss’s habits all too well. Each week, right before lunch, she presented him with a stack of checks,
which he quickly signed. He didn’t notice the checks were prepared in erasable ink. The
administrative assistant—who also acted as the company’s bookkeeper—would change the payee
on the checks, deposit the funds to her own bank account and post the checks to various company
expenses in order to conceal the fraud. When the checks were returned in the bank statement, the
assistant would change the name back to the payee to whom the payment was originally directed.
In her haste, however, she altered checks meant to pay the boss’s personal expenses. In the end, the
boss’s appetite cost him a half-million dollars.
Register disbursements. An employee makes false entries on a cash register to conceal the
fraudulent removal of currency. Example: A crafty service station attendant discovered a flaw in
the cash register system; it could put a sale on hold until the transaction was completed. Simply
depressing the “hold” button for a few extra seconds made the transaction disappear altogether. So
when a customer bought gasoline, the clerk would erase the sale and pocket the proceeds.
Company auditors finally noticed a large disparity when they compared fuel inventory to sales.
After exhausting all other possibilities (including leaks in the fuel storage tanks), they installed
surveillance cameras over the cash registers and caught the fraudster on tape. This simple scheme
cost the company $132,000.
DETECTING FRAUD
As in the 2002 study, the most common means of detection—by a wide margin—was through tips
(see exhibit 8). Recognizing the value of encouraging tips, section 301 of the Sarbanes-Oxley Act
requires audit committees of publicly traded companies to establish procedures for “the
confidential, anonymous submission by employees of the issuer of concerns regarding
questionable accounting or auditing matters.”
Exhibit 8: Initial Detection of Occupational Frauds
Note: The percentages exceed 100% because some respondents identified more
than one method.
Respondents were asked what, if any, antifraud measures they had in place at the time the frauds
occurred. They listed anonymous reporting mechanisms (typically hotlines), internal audit or fraud
examination departments and external audits. Exhibit 9 shows the percentage of victimized
organizations that had implemented these mechanisms.
Exhibit 9: Frequency of Antifraud Measures
Note: Some respondents had more than one measure in place.
HOTLINES WORK
To test the effectiveness of each antifraud control, the study measured the median loss for
organizations with controls against those without them. The figures showed that anonymous
reporting mechanisms had the greatest impact on reducing fraud losses. Organizations that did not
have reporting mechanisms suffered median losses that were more than twice as high as
organizations with them. (See exhibit 10.) This was consistent with the findings of the 2002 report.
Exhibit 10: Median Loss Based on Whether
Organization Had a Hotline
This result is also consistent with the data the ACFE gathered showing the most common way for
frauds to be discovered is through tips. Obviously, hotlines and other reporting mechanisms are
designed to facilitate tips on wrongdoing. The fact that tips were the most common means leading
to detection—combined with the fact that organizations that had reporting mechanisms showed the
greatest reduction in fraud losses—indicates this is an extremely valuable antifraud resource. The
effectiveness of these reporting mechanisms is significantly higher when they are made available
to customers, vendors and other third parties—not just employees. Organizations that rushed to
implement employee hotlines to comply with Sarbanes-Oxley might profit from adding these
valuable additional sources of information.
Curiously, anonymous reporting mechanisms were the least common antifraud measure of the
three we tested for; only slightly more than one-third of victim organizations in our study had
established anonymous reporting structures at the time they were victimized.
THE WAGES OF CRIME
Generally speaking, the position perpetrators held in an organization and their annual income
tended to be the most significant factors in the size of losses in a fraud scheme. As the employees’
level of authority rose, so did fraud losses. In just under 5% of the cases in the ACFE study, the
perpetrator earned more than $200,000 a year—but, in those cases, median losses exceeded $1
million (see exhibit 11).
Exhibit 11: Median Loss Based on Perpetrator’s Annual Income
OBSERVATIONS
In many respects, the ACFE’s 2004 report supported its findings of 2002: Small businesses still
were disproportionately affected by occupational frauds, asset misappropriations still accounted for
approximately 90% of reported cases and the vast majority of perpetrators were still first-time
offenders. As in 2002 occupational frauds still were much more likely to be detected by a tip than
through an internal or external audit; and anonymous reporting mechanisms such as hotlines still
exhibited the greatest impact on occupational fraud losses.
But the 2004 report also presents new information about occupational fraud that is especially
critical in the post Sarbanes-Oxley world. For example, the ACFE found that over half of all frauds
committed by owner/executives were detected through a tip, which was much higher than the rate
for fraud in general. By comparison, only 6% of these cases were caught through internal controls.
Obviously, this was because owners and executives often were able to override controls to commit
fraud. Given the fact that schemes by owner/executives now must be disclosed to audit committees
regardless of whether they are material, and that these schemes tend to be the most costly, the
study offers strong support for Sarbanes-Oxley’s requirement for the establishment of anonymous
reporting mechanisms.
RESOURCES
AICPA Resources
Books
CPA’s Handbook of Fraud and Commercial Crime Prevention (#
56504JA).
Financial Reporting Fraud: A Practical Guide to Detection and
Internal Control (# 029879JA).
Fraud Detection in a GAAS Audit (# 006615JA).
CPE
Introduction to Fraud Examination and Criminal Behavior (#
730275JA).
Identifying Fraudulent Financial Transactions (# 730244JA).
Finding the Truth: Effective Techniques for Interview and
Communication (# 730164JA).
For more information, to register or to place an order, go to
www.cpa2biz.com or call the Institute at 888-777-7077.
AICPA antifraud initiatives
Antifraud and Corporate Responsibility Resource Center,
http://antifraud.aicpa.org/.
SAS no. 99 information.
Management Antifraud Programs and Controls (SAS no. 99
exhibit).
Fraud Specialist Competency Model.
Free corporate fraud prevention training and CPE.
Academia outreach and assistance.
Other antifraud activities.
The 2004 report also looked more deeply into the ways in which small businesses were affected by
occupational fraud. The ACFE found one-third of the small business cases involved a billing
scheme, and one-third involved check tampering—two forms of fraudulent disbursements that
typically succeed when there is a lack of control over the company checkbook. This suggests that
if there is one critical area where small businesses should focus their antifraud efforts and
resources, it is in establishing solid controls—including a strong separation of duties—over the
check-cutting and payables functions.
The ACFE also found that very few small businesses in the study—only 31%—had any form of
internal audit or fraud examination department. But among that group, it was the internal audit
department that detected half of the frauds. This suggests that internal auditors can have a
significant impact in detecting occupational fraud and minimizing losses in small businesses.
JOSEPH T. WELLS, CPA, CFE, is founder and chairman of the Association of Certified Fraud
Examiners and professor of fraud examination at the University of Texas at Austin. Mr. Wells won
the Lawler Award for the best JofA article in 2000 and 2002 and has been inducted into the
Journal of Accountancy Hall of Fame. His e-mail address is joe@cfenet.com.
Journal of Accountancy, May 2004
One way to deter dishonest employees: Make vacations
mandatory.
The Case of the Pilfering
Purchasing Manager
BY JOSEPH T. WELLS
hris, we have a problem,” said the voice on the other end of the line. “Our
purchasing manager, Bruce, is on vacation and we think we have discovered some
irregularities.” Chris Rosetti, CPA, swung into action.
Rosetti—a partner with BST Advisors LLC in Albany, New York—had done limited work
for the client, a state agency, in the past. This time, he quickly discovered the agency had two
key internal control deficiencies. The first was that Bruce hadn’t been forced to use his
vacation time in three years. Rosetti, a veteran adviser in at least 100 fraud cases, had seen
this situation many times: Once employees start committing fraud, they can’t take time off
because they need to constantly cover up what they’re doing. The second deficiency was that
Bruce was allowed to approve new vendors. So, not only was he approving the purchases, but
he also was selecting the vendors—a serious breach of separation of duties. When he was
forced to take time off to attend to his sick wife, the agency received requests for payment on
three invoices for which there were no vendor files. They were later located in Bruce’s desk.
That’s when Rosetti was called in.
In examining the vendor files, Rosetti noted a number of oddities. For one, Bruce had
approved the purchase of a large quantity of high-priced “computer cleaning kits”—many
more than the agency had computers. And an employee remembered the so-called kits
consisted of nothing more than Q-tips, gauze pads and rubbing alcohol. “And I noticed there
were multiple purchases just under Bruce’s $2,500 approval limit. Purchases over that amount
would have required supervisory approval,” Rosetti said.
The Kickback Checklist
Favoritism toward one vendor.
One or more of these red flags call for a
closer look at the operations of a
purchasing agent.
Excessive purchases from one vendor.
He or she doesn’t take time off.
The purchasing agent has personal
financial problems.
The agent’s lifestyle is too
extravagant for his or her income.
Prices charged are higher than market average.
Expenditures come in just under the review
limit.
Multiple purchases over a short period.
Substandard products or services.
Accelerated payment of invoices.
Close personal relationship between
purchasing agent and vendor.
Sole-source purchases of merchandise or
services.
PRESERVING EVIDENCE BY THE BOOK
Rosetti made two photocopies of the documents and returned the original files to Bruce’s
desk. “If Bruce had come back before I completed my investigation,” said Rosetti, “I didn’t
want him to become suspicious and perhaps destroy other key evidence I had not yet
identified.” Rosetti locked one set in his own filing cabinet. In doing this, the CPA, also a
certified fraud examiner, was following a standard industry practice. (Under the “best
evidence” rule accepted by courts, if the original documents are lost or destroyed, a copy can
substitute for the original.)
Examination of the documents had revealed that although there were three different vendor
names, they all had identical Atlanta addresses and used the same federal tax I.D. number.
Believing he was seeing only the tip of the iceberg, Rosetti asked that his client do a computer
run on payments made to the suspicious vendors over a five-year period. Bingo. The total
exceeded $350,000, with all of the payments just under Bruce’s approval limit.
Rosetti next conducted discreet interviews with Bruce’s coworkers and superiors. “As a state
worker,” Rosetti found out, “he had a rather modest salary considering his responsibilities.
And he was married, had six children and a seriously ill wife.” At its warehouse, Rosetti tried
to confirm the agency had actually received the items on orders Bruce had approved. “No one
there could remember receiving more than a few computer cleaning kits.” And the warehouse
manager told Rosetti that he recalled one vendor had given Bruce a television that—boldly—
was shipped directly to the office.
CLOSING IN
The CPA felt he’d developed enough evidence to confront his suspect. Through experience
and training Rosetti knew that a confession was more likely if Bruce wasn’t interviewed in
the comfort of his own office. “The key to obtaining a confession is to create stress in the
subject, who then will often admit wrongdoing to alleviate it,” Rosetti said. When Bruce
returned from vacation, his supervisor told him Rosetti was conducting an audit of agency
practices and needed to see him at the CPA’s office. “It is best to conduct admission-seeking
interviews by complete surprise,” said Rosetti. “You don’t want the subject to have time to
think about what to say. And you don’t want to schedule such an interview with much
advance notice, because it is possible that a suspect simply wouldn’t show up.”
So when Bruce arrived at the CPA’s office, he had no idea what was in store for him. Rosetti
had avoided any possibility of a tip-off. He spent a few minutes asking Bruce perfunctory
questions about his duties and procedures. Then he completely changed his tack. “Bruce,”
Rosetti said quietly, “we have evidence that you have been receiving kickbacks from
vendors.” The color completely drained from Bruce’s face. “As confessions go, this one was
easy,” the CPA said. “In less than an hour, I had the whole story, which I put in the form of a
written statement for Bruce to sign. Like many other suspects, he was relieved that it was
finally out in the open.”
PRACTICAL TIPS TO REMEMBER
When closing in on a fraud suspect
Make copies of all suspicious documents.
Don’t alert a suspect he or she is about to be interviewed.
Interview the suspect in a location unfamiliar to him or her when seeking an
admission of guilt.
Don’t show the suspect evidence unless necessary for a confession.
Convert a verbal confession into a written statement.
THE ENVELOPE, PLEASE
According to Bruce, his life of crime began when he received a $100 money order sent to his
home. There was no return address on the envelope, no note, nothing. The purchasing agent,
who was financially strapped, cashed the money order and spent the funds.
A few days later, he received a telephone call from a vendor who had recently started doing
business with Bruce. “Did you get the $100 I sent to your home?” the vendor asked. Bruce
replied, “Oh, that money was from you?” The vendor chuckled, “Yes, I just wanted to send
you a little gift to thank you for your business.” The “vendor gift” is one of the most common
ways unwary employees are compromised.
“Once Bruce had spent the hundred dollars, he was hooked,” said Rosetti. “The vendor told
the purchasing agent there was more to come if he continued to do business with his
company. Being the needy guy he was, he started approving purchases in exchange for
regular cash payments from the vendor.”
In such schemes, the products or services eventually become substandard, overpriced or
nonexistent, which brings up one big problem with purchasing agents who receive kickbacks:
They’re hardly in a position to complain. So there is little the bribe-taker can do about it. In
Bruce’s case the vendor just stopped shipping merchandise altogether. “The vendor told
Bruce that unless he continued to approve invoices for payment, he would reveal his conduct
to the agency,” Rosetti said. “That’s one of the reasons Bruce was relieved when he
confessed; he always worried he would be discovered.”
Considering all of that worry, Bruce sold out cheap. For $350,000 in inflated or nonexistent
purchases, the state worker got only about 1%, or around $3,500. The vendor sent the $100
payoffs—either in cash or by money order—to a service station owned by Bruce’s father-inlaw, who didn’t know their real purpose.
“Because Bruce was very cooperative and contrite about his activities, I asked him to help get
evidence against the vendor,” Rosetti said. “We recorded a series of his telephone calls with
the vendor, and sure enough, the vendor offered to send money for approving invoices.” The
case was turned over to the United States Attorney.
Unfortunately, the prosecutor could not press charges against the vendor because the voice on
the tape recording—analyzed by a spectrograph—was not sufficiently distinct from that of the
vendor’s son, who worked at the same company. Crime didn’t pay for Bruce, though: He was
fired, ordered to pay restitution, spent six months in jail and was placed on five years’
probation. By any measure, that’s a hefty price to pay.
PREVENTING KICKBACKS
The agency could have easily avoided this crime by using simple but effective control
measures such as
Job rotation. Bruce had been in the same position for more than six years. Purchasing
agents are subject to constant temptation by unscrupulous vendors. Therefore they shouldn’t
be in the same job and deal with the same vendors indefinitely. But many small organizations
don’t have enough staff to rotate jobs. In that case a CPA should be hired to closely examine
key risk areas such as purchasing, even if a full audit is not necessary.
Closer supervision. The agency’s manager knew of Bruce’s financial woes. After adding up
the facts—an employee in financial straits who has the authority to approve purchases—
Bruce’s supervisor should have been more diligent in overseeing his duties by periodically
examining the purchases. Without invading employees’ privacy, managers should be alert to
workers’ money pressures.
Separation of duties. The most effective control mechanism to prevent employee fraud is
the separation of duties. Ideally, different personnel will handle the following duties: vendor
approval, purchase requisitions, purchase approval, receiving and payment. This will not
prevent collusion, but most frauds are committed by one individual acting alone.
As in most fraud cases, there were no winners in this one. The agency lost money and public
trust; the vendor lost what could have been a long-term customer; and Bruce lost his job,
reputation and freedom. As Rosetti succinctly put it, “With basic controls and oversight, this
crime wouldn’t have happened.”
Joseph T. Wells, CPA, CFE, is founder and chairman of the Association of Certified Fraud
Examiners and professor of fraud examination at the University of Texas at Austin. He won
the Lawler Award for the best JofA article in 2002 and has been inducted into the Journal of
Accountancy Hall of Fame.
Resources
Books
CPA’s Handbook of Fraud and Commercial Crime Prevention (# 56504JA)
Financial Reporting Fraud: A Practical Guide to Detection and Internal Control
(# 029879JA)
Fraud Detection in a GAAS Audit (# 006615JA).
CPE
Introduction to Fraud Examination and Criminal Behavior (# 730275JA)
Identifying Fraudulent Financial Transactions (# 730244JA)
Finding the Truth: Effective Techniques for Interview and Communication (#
730164JA)
Conference
AICPA Conference on Advanced Litigation Services and Fraud
September 26–29, 2004
JW Marriott Desert Ridge, Phoenix
For more information or to place an order or to register, go to www.cpa2biz.com or
call the Institute at 888-777-7077.
AICPA Antifraud Initiatives
Antifraud and Corporate Responsibility Resource Center, http://antifraud.aicpa.org/.
SAS no. 99 information.
Management Antifraud Programs and Controls (SAS no. 99 exhibit).
Fraud Specialist Competency Model.
Free corporate fraud prevention training and CPE.
Academia outreach and assistance.
Other antifraud activities.